I'm attempting to visit https://www.duluthtrading.com/
, and I'm receiving an untrusted certificate error on Windows 7. This happens in both IE and Chrome (as both use the Windows certificate store).
Here's the certificate chain:
- VeriSign Universal Root Certification Authority
- Symantec Class 3 Secure Server SHA256 SSL CA (e7 32 73 e5 3a cf e8 0f 41 0b 3e f4 6b 18 02 87 a0 04 40 cd)
- www.duluthtrading.com (6e 70 94 1a e6 39 88 9a 64 fa cb 76 34 af 62 e6 43 83 66 cf)
- Symantec Class 3 Secure Server SHA256 SSL CA (e7 32 73 e5 3a cf e8 0f 41 0b 3e f4 6b 18 02 87 a0 04 40 cd)
The problem is, the Root CA (VeriSign Universal Root Certification Authority) is not trusted on this problematic system. This machine is up-to-date via Windows Update.
I looked on another Windows 7 VM (which was less up-to-date), and the certificate was there, under "Third-Party Root Certification Authorities". This VM had fewer certificates.
Why is this CA certificate missing?
How can I fix this machine?
Update: In the Windows Application log, I'm seeing the following errors:
Event 4101, CAPI2
Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: 12007 (0x2ee7).
VeriSign Universal Root Certification Authority
) on a Mac. Firefox works fine (has its own certs?), but Chrome and Safari cannot locate the root cert. Reinstalling Chrome didn't help.